malvertising

Pierluigi Paganini May 03, 2015
Trustwave discovered the first political malvertising campaign

Experts at Trustwave observed a group of cyber criminals helping spread pro-Russia propaganda by inflating video views with a malvertising campaign. Security experts at Trustwave have discovered a botnet, originally designed for malvertising purpose, used redirect unaware users to view some pro-Russian videos on the website DailyMotion. The event is very interesting due to the political motivation […]

Pierluigi Paganini April 28, 2015
Booby trapped! Malvertising campaign hit Adult Site xHamster

A New malvertising campaign hit adult website xHamster by abusing ad provider TrafficHaus and exploiting the Google’s URL shortener service. Malversting campaigns are becoming a serious problem for web users, cyber criminals are exploiting this practice to infect wide audience of users that visit most popular websites. In January security experts at Cyphort firm discovered a […]

Pierluigi Paganini February 06, 2015
Fessleak malvertising campaign used to serve ransomware

Invincea has been monitoring the Fessleak campaign in which hackers leveraged Adobe Flash Player exploits and file-less infections to serve ransomware. Security experts from Invincea are investigating on a new Ransomware campaign originated in Russia that presented many interesting characteristics. The researchers discovered that the attacks started by using file-less infections then moved to the […]

Pierluigi Paganini January 16, 2015
Malvertising Campaign exploited Google AdWords advertising

Experts at Sucury firm have analyzed a malvertising scheme that has hijacked at least two distinct Google AdWords advertising campaigns. Malvertising campaigns are one of privileged attack vector exploited by criminal crews, their efficiency depends on the ability of attackers to compromise large audience channels. In September 2014 Malwarebytes firm discovered a large scale malvertising campaign exploiting Google’s […]

Pierluigi Paganini January 07, 2015
Malvertising, HuffingtonPost was serving Malware via AOL Ad-Network

Security company Cyphort has discovered a malvertising campaign that targeted several websites via AOL Ad-Network, including the Huffington Post. Security experts at Cyphort firm discovered a new malvertising campaign that hit numerous websites, including the Huffington Post and LA Weekly. The attackers exploited the AOL ad network to run the malicious campaign, Cyphort detected the attacks for the first […]

Pierluigi Paganini October 18, 2014
Malvertising campaigns hit US military industry to steal secrets and intellectual property

A new wave of malvertising attacks finalized to cyber espionage is targeting military contractors to military secrets and intellectual property. Security experts at security company Invincea have uncovered a new malvertising campaign used as a attack vector for highly-targeted cyber espionage operations against at least three firms in the US military industry. The malvertising is becoming even more popular in the […]

Pierluigi Paganini October 17, 2014
Same Origin Method Execution attack to perform unintended actions on a website on behalf of victims

A researcher presented a new attack method dubbed Same Origin Method Execution which could be exploited to impersonate the targeted user on many websites. Same Origin Method Execution (SOME) is a new technique of attack against website presented by Ben Hayak, researcher at Trustwave, at Black Hat Europe in Amsterdam. The Same Origin Method Execution (SOME) attack method is […]

Pierluigi Paganini October 03, 2014
Signed CryptoWall ransomware distributed via top websites

A digitally signed version of the popular CryptoWall ransomware is distributed via five Alexa top-ranked websites in a widespread malvertising campaign. Security experts at Barracuda Labs have discovered a new variant of CryptoWall ransomware in the wild, the new strain of malware presents a valid digital signature and it is being delivered as part of a widespread malvertising […]

Pierluigi Paganini August 31, 2014
Malvertising campaign hit high profile websites including java_com

A new malvertising campaign has been spotted by experts at Fox-IT, the researchers discovered malicious ads on high-profile websites including Java.com. Experts at Fox-IT revealed in a blog post the Internet firm AppNexus is the origin of a new “malvertising” campaign, which is based on the Angler Exploit Kit to redirect visitors to malicious websites serving the Asprox malware. AppNexus provides a platform […]